Completing the Pre-migration Checklists

Overview of Completing the Pre-migration Checklists

Locate the SAS pre-installation checklist that you will use to deploy your SAS 9.3 software.
If your SAS representative created a custom deployment plan for your site, then use the checklist that came with the custom plan.
If you are using a standard deployment plan, then use the checklist that came with the standard plan. Standard deployment plans are stored by default in the SAS Software Depot. However, you can download the latest SAS 9.3 standard deployment plans that also contain a corresponding architectural diagram and pre-installation checklist at http://support.sas.com/installcenter/plans.
After you locate the appropriate checklist for your order, complete it and have it available to refer to when you run the SAS Deployment Wizard later in the migration process.

Complete the External User Account Checklist

In the third maintenance release for SAS 9.2, you have the option of using SAS internal accounts to minimize the number of headless operating system accounts required to deploy SAS. For more information, see Choose to Use SAS Internal Accounts.
Also, make sure that you review important information in the topic Important Notes on User Accounts and Authentication.
Note: If you are migrating to new machines, make sure that the external accounts that you plan to use are present. For more information, see the section on users, groups, and ports in the SAS Intelligence Platform: Installation Guide, available at either http://support.sas.com/913administration or http://support.sas.com/92administration.

Important Notes on User Accounts and Authentication

Consider the following items when working with user accounts during the migration process:
  • Identities must be unique. You cannot reassign an existing system identity that is associated with a metadata persona in either the current SAS or SAS 9.3 configuration. For example, if the operating system user account sasguest is associated in metadata with the SAS Guest persona in your SAS 9.1.3 system, you cannot also associate sasguest in SAS 9.3 with the SAS Anonymous Web User.
  • On UNIX systems, the SAS Deployment Wizard requires that you supply the root password during configuration. Certain SAS products and features use functionality that requires SAS to check user ID authentication and file access authorizations. This in turn necessitates that certain files within your SAS installation have setuid permissions and be owned by root.
  • On UNIX and z/OS, the SAS installer account requires permission to invoke the chown command on the directories and files being migrated. If the installer account does not have this permission, then you must manually run the permission scripts using the root account after the SAS Deployment Wizard finishes executing. These scripts reside under SAS-configuration-directory/Levn/Temp.
    On Windows, migrated files will be owned by the identity running the SAS Deployment Wizard regardless of their ownership on the current SAS system, but will retain the same effective permissions as on the current SAS system.
  • The SAS automated migration tools detect machine name changes for the metadata server during the migration process and automatically changes host name domains in all logins and for the necessary file permissions.
    For example, if the metadata server host name changed from “myhost” to “mynewhost,” then all domain logins that are qualified with “myhost” are automatically changed to “mynewhost.” (The tools change “myhost\sasadm” and “myhost\sastrust” to “mynewhost\sasadm” and “mynewhost\sastrust.”)
  • The SAS automated migration tools do not automatically change the following:
    • required external user account IDs
      (For example, the tools do not automatically change “myhost\ebiadmin” to “myhost\sasadm” or “ebiadmin” to “sasadm.”)
      You must specify these new external accounts when prompted for them in the deployment wizard in order to change the SAS metadata. To change the file permissions, use the temp scripts.
    • required operating system group (UNIX only)
      (For example, the tools do not automatically change the primary group of the SAS Installer user from “sas913” to “sas.”)
      To change the file permissions that involve group membership, use the temp scripts. (There are no SAS metadata changes required when you change an operating system user group.)
  • If your UNIX system uses an authentication method other than /etc/passwd or /etc/shadow, then you must configure authentication before you begin your SAS software deployment, or SAS 9.3 will not function properly. For more information, see the Configuration Guide for SAS 9.3 Foundation for UNIX Environments.
  • The SAS Anonymous Web User is used to grant clients access to applicable SAS Web Infrastructure Platform applications such as SAS BI Web Services and the Stored Process Web Application.
  • The user ID under which the SAS Content Server is running has to have Write permission for the migration package directory. If the migration package is created on a Windows shared directory, the content server user would have to have permission to write to the network device.
    Alternatively, you can create the migration package with the content server shut down and the content repository copy will be created using the migration utility's user identity. Similarly, the migration utility user must have Write permission for the migration package directory. In this situation, the migration utility user must also have Write permission on the content server repository directory. (Note that shutting down the Web application server might have impacts on other parts of the SAS middle tier for which you are creating a migration package.)
    Running the Web application server as a Windows service under the Local System Account requires that the migration package to be written on the local machine, if you create the package with the content server running.
  • The SAS Deployment Wizard prompts you for a SAS Spawned Server account. The user ID and password that you supply are assigned as the launch credentials for any new SAS servers that are being introduced in the SAS version to which you are migrating (for example, the pooled workspace server which was introduced in SAS 9.2 or any server not present on the source system). The deployment wizard stores these new launch credentials in metadata as follows:
    • If you supply a user ID that already exists in metadata, the migrated password in that login is overwritten with the password that you supply.
      For more information, see Password Policies in SAS Intelligence Platform: Installation and Configuration Guide.
    • If you supply a user ID that does not already exist in metadata, the credentials that you supply are stored in a new login on the Accounts tab of the SAS General Servers group.
      For more information, see Launch Credentials in SAS Intelligence Platform: Security Administration Guide.
  • The migration process does not change any existing launch credential assignments. For example, if the SAS 9.1.3 stored process server has a login (for example, spsrv) as its designated launch credential, that assignment is preserved. If the spsrv account is not valid on the SAS 9.3 machine, the stored process server will not work in the SAS 9.3 environment (until you change that server's launch credential).

Complete the New Server Ports Checklist

Complete the ports section of the pre-install checklist to use later, during the installation and migration step, when the SAS Deployment Wizard prompts you for ports to designate for the new SAS servers. The deployment wizard uses the same ports when migrating the current SAS servers. For information about changing the ports that you use, see the SAS Deployment Wizard Port Remap page.
Note: If you are migrating to new machines, make sure that the ports that you plan to use are unused. For more information, see the section on users, groups, and ports in the SAS Intelligence Platform: Installation Guide. For SAS 9.1.3 go to http://support.sas.com/documentation/configuration/biig.pdf. For SAS 9.2, go to http://support.sas.com/documentation/cdl/en/biig/60946/HTML/default/viewer.htm#a003070263.htm.

Review SAS 9.3 Documentation

It is very important to review all the different documents associated with deploying your SAS 9.3 software. There can be late-breaking information, or instructions specific to a particular configuration might be too narrow for inclusion in the SAS Intelligence Platform: Migration Guide.
Your review should include these documents:

SAS BI Dashboard 4.2 (and Earlier) Migration Note

This topic concerns SAS BI Dashboard 4.2 (and earlier) running on UNIX.
Before running the SAS Deployment Wizard, identify the SAS 9.2 common data directory. By default, the common data directory is located in the Data directory under the SAS configuration directory (for example, /SAS/Config/Lev1/Data. If the SAS 9.2 common data directory is not contained under your SAS 9.2 configuration directory, then be sure to choose the deployment wizard Custom prompting level. For more information, see Overview of Configuration Options by Prompt Level.
When the wizard prompts for the Common Data Directory, enter the absolute path of your SAS 9.2 common data directory. You should also ensure that the 9.3 installer has Write permission to this location.

Determine the Path to Database JDBC JAR Files

The database required by the SAS Web Infrastructure Platform uses JDBC for communication. Determine the path to the database JDBC driver JAR files. During the installation and migration step, the SAS Deployment Wizard prompts you for them.

Determine the User ID Associated with Scheduled Flows

After migration, you will need to reschedule all of your SAS flows. (See Server Tier Post-migration Tasks.) To do this you will need to know the user ID under which each flow is scheduled to run.
Follow these steps to determine the user ID associated with scheduled flows:
  1. Log on to Platform Flow Manager.
  2. Select the user ID tab.
  3. For each user ID, note the flows associated with it.

Permission Considerations When User Accounts or Groups Change

The SAS automated migration tools are shipped with scripts that are used to assign the proper permissions to files and directories under the SAS configuration directory. If you are using required operating system user accounts and group names in SAS 9.3 that are different from the ones on your current SAS system, then you must make sure that the permissions reflect these changes.
During configuration, the SAS Deployment Wizard invokes the levconfig extension (a part of the migration package) which converts certain temporary files into corresponding permission script files (*.bat and *.sh files). The deployment wizard persists these permission script files in the SAS 9.3 configuration directory (under Levn/Temp) and then invokes them during configuration.
You have to do one of the following procedures:
  • Before running the SAS Deployment Wizard, do the following:
    Replace occurrences of a current SAS external user account (for example, “ebiadmin”) with the SAS 9.3 external user account (for example, “sasadm”) in the *.tmp files in the levconfig\levconfig1 directory of the migration package
    (for example, /smu_package/host1.example.com/levconfig/levconfig1).
  • Or, after running the SAS Deployment Wizard, do the following:
    Replace occurrences of a current SAS required external account with the SAS 9.3 required external account in the permission scripts residing in SAS 9.3-configuration-directory/Levn/Temp, and rerun these scripts.